Credit Card Safety - The need of the hour!
Credit cards have become a powerful financial tool in the present-day environment. They offer expediency, purchasing capabilities and many rewards depending on the card offers. Nevertheless, the extensive use of credit cards has also caused them to become a primary target of financial fraud and unauthorized utilization. In the following, there exists a several guidelines to enhance the security of your credit cards.
1. Keep your credit cards physically safe.
First and foremost, it is vitally important to maintain the physical security of your credit cards. This ensures that they do not come into the procession of unauthorized individuals. Here are a few tips to take to strength the physical security of your credit cards:
- Use a proper wallet or cardholder: Because of today’s technology, some wallets and cardholders are designed to provide RFID blocking. These can be used to protect your cards against malicious intents including skimming and cloning.
- Avoid leaving your credit cards in plain sight: Keep them in a secure and hidden location.
- Avoid taking pictures of your credit card: It is recommended to not take a picture of your credit card unless you have a legitimate reason. In case of a breach on your phone, your credit cards are still safe and secure.
2. Be vigilant and stay alert when using ATMs and card readers.
When using your credit cards at the ATMs and card readers, you are strongly advised to:
- Beware of your surroundings: Cover the keypads when entering your PIN numbers. This can protect against shoulder surfing.
- Try not to use magnetic stripes, instead using near-field card or EMV chip. These are much harder for bad actors to steal your credentials.
3.Utilizing security features on your banking apps.
- Immediate Fraud detection: You will be notified immediately when there is a suspicious transaction. The allows you to take necessary actions quickly to resolve the issues and to avoid financial loss.
- Lock and Unlock cards: In case your credit cards have been compromised, banking apps allow you to lock your credit cards to avoid additional unauthorized transactions.
4.Report lost or stolen credit cards.
- Notify your bank immediately when you become aware of your card being stolen or lost.
- Sign in into your banking app and lock your lost or stolen card immediately.
- Examine your transactions to identify any suspicious activity.
In today’s world we live in, financial transactions are increasingly digital. The above tips act as a defense to secure your financial assets. By following this credit card security measurement, you can confidently protect yourself against nefarious financial motives while enjoying the advantages of your credit cards. For more tips and tricks follow us here @JWUITSecurity
Identity Theft Information
Identity Theft: Resources and Strategies
Identity theft has been the number one consumer complaint registered with the Federal Trade Commission (FTC) since 1999. In our modern digital world the interconnectedness of electronic resources has made it easier for criminals to steal identities using fewer and fewer pieces of information. The following information is provided to members of the University community to draw attention to the risk of identity theft and to aid in preventing and monitoring for identity theft.
To prevent identity theft the Federal Department of Justice recommends the following actions:
- Avoid giving out personal information. In particular be "stingy" about providing your Social Security number, credit card numbers, mother's maiden name, or telephone numbers. If asked for any of these pieces of information ask why they are being requested and when possible refuse to provide them.
- Check your financial information regularly. Reading your credit card statement every month will allow you to quickly recognize unusual charges or expenses.
- Obtain a copy of your credit report annually. Your credit report will list all your accounts and loans and this will enable you to discover any misuse of your name or credit.
- Maintain a careful and detailed set of financial records. This will not only permit you to review your credit report quickly, but will be quite valuable should you become the victim of identity theft.
One of the best overviews of identity theft that includes both preventive information as well as effective advice to recover from identity theft can be found at: http://www.ftc.gov/bcp/edu/microsites/idtheft/.
Extensive information on identity theft is available. Some of the resources that are particularly useful are:
- If you are a victim of identity theft the FTC's site is excellent:
http://www.ftc.gov/bcp/edu/microsites/idtheft/ - The Department of Justice's information page on identity theft:
http://www.usdoj.gov/criminal/fraud/websites/idtheft.html(this link also provides phone numbers for reporting identity theft and for obtaining credit reports) - The Privacy Right's Clearinghouse on identity theft:
https://www.privacyrights.org/topics/7
About Phishing
Of the many scams facing JWU students, faculty, and staff while navigating the Internet, phishing is potentially one of the most damaging, with serious consequences if an Internet user is not prepared to identify and avoid such fraud.
Phishing is a scam, an email-based attack that attempts to fool you into taking an action. It tries to trick you into revealing personal or confidential information which the scammer can use illicitly. Typically, such an email looks to be from someone you know or trust, and entices you to take an action, such as clicking on a link or opening an attachment.
Phishing scams come from everywhere, both forged @jwu.edu accounts and others. Although JWU currently blocks most phishing, there are still many cases of JWU users being affected.
Protect Yourself
- Be cautious
- Never give out personal information or credentials via email
- Look for incorrect grammar, capitalization, and verb tenses
- Do not immediately click on links. First, hover your cursor over the links; look for inconsistencies. These links may be directing you to a fraudulent website, different from the one claimed
- Do not respond to suspicious emails
- Be suspicious of "immediate action" emails that create a sense of urgency
- Be suspicious of emails with a generic greeting
- Just because you receive an email from a friend does not mean he/she sent it. Your friend's computer may have been infected, and malware is sending the email with your friend's list of contacts. Check with your friend to confirm that he/she sent it.
- Do not download anything from unknown and/or untrusted websites
- If an email seems odd or too good to be true, it is most likely an attack
- Never provide login or personal information via email or via a website you click to from a suspicious email
- Try Google’s Phishing Quiz to test your phishing knowledge
- Manage spam in your JWU email
What JWU IT Does
- JWU will never ask for your username or password via email or phone.
- There is no emergency or special situation that will ever override this. Do not believe emails directing you to other web pages that ask for your JWU credentials. These are always bogus attempts to steal your information.
- Our Information Security team reviews any email that looks suspicious.
- Any emca ccccail determined to be malicious is blocked from going through JWU's network, thus preventing it from spreading within the JWU community.
- Report an Incident with any suspicious email that is received in your JWU email.
I Got a SCAM Email, What Next?
- Check the email address -- does it really match the email content? Does it match the legitimate email address of the organization it is supposed to be?
- Do not click on links in an email you believe to be fraudulent -- it could be a link to a malicious software auto-download.
- Check the security certificate of any website into which you are entering sensitive data. The website address should begin with https://. And, some browsers will display padlock symbols in the address and status bars. Anything on a website can be falsified, even if it says it's safe, and it can't be verified by the browser you are using; thus, it shouldn't be trusted.
- Type in web addresses yourself -- some emails may link you to a website that appears to have a legitimate address, but is actually fake (ie, jwu.scholarships.com is not the same as a jwu.edu website).
Privacy vs. Security: Both Matter
Today though, we live in a day and age where it is clear that a strong password isn’t enough to keep prying eyes from your digital presence, in such times a weak, common and easy to guess password can give easy access to malicious actors to your most crucial infomration. With tool avaible that can guess 200 passwords in seconds it's best to make your passwords long, complex and unique for every site.
Here are some tips on making a secure password:
- At least 8 characters—the more characters, the better.
- A mixture of both uppercase and lowercase letters.
- A mixture of letters and numbers.
- Inclusion of at least one special character, e.g., ! @ # ? ] Note: do not use < or > in your password, as both can cause problems in Web browsers
- Avoid repeating the password across differnet sites.
The attackers maybe Smart but, you can be CyberSmart. Still confused? Check out the video here
To use or not to use : Public Wi-Fi ?
While heading home for the Holidays, you stop to purchase an espresso either at a local café, or the airport. While waiting, you connect to their public Wi-Fi and check if your paycheck has cleared via your bank’s website. What you didn’t know is that an attacker was spying on your internet traffic and was able to intercept your password when you were logging into your bank account. Attacks like these are far too common nowadays, so it is important to understand where they can happen, and how to protect yourself from them. The biggest threat posed to you when connecting to an unsecure public Wi-Fi is when a malicious actor is able to situate themselves between you and the connection access point. Essentially, this allows the attacker to intercept and read your internet traffic which can contain sensitive data such as credit card numbers, usernames and passwords, and even private emails. These attacks are normally orchestrated on unsecure, public Wi-Fi networks which can be found in the majority of businesses today including restaurants, malls, local libraries, and even airports.
So how do you protect yourself against such attacks? One way to protect yourself is to confirm that your browser uses HTTPS instead of HTTP. A simple way to check if a website uses HTTPS is to look at the little lock icon next to the search bar at the top of your browser. If the icon depicts a ‘closed lock’, then the website is most likely using HTTPS. If the icon depicts an ‘open lock’ (sometimes with a red slash going through it) then the website is most likely using HTTP and is not secure; anything done on that website can be viewed by a malicious actor. The majority of websites today also have a setting labeled ‘Always Use HTTPS’ that can be toggled on or off. This setting, when enabled, ensures that even if you view the HTTP version of the website, you will be redirected to the HTTPS version; further ensuring the security of your personal data. Another way to protect yourself against these attacks is to use a trusted Virtual Private Network (VPN). Using a VPN encrypts any data transmitted to make sure it cannot be viewed by a malicious actor on the network.
Did you update your browser?
Have you constantly pushed software updates until later? Notifications are persistent, but there is a reason why. Software updates for devices and updating web browsers are essential in practicing best security practices within Cybersecurity. For software updates, it includes repairing or removing software bugs (flaw in a system or program), adding new features to a device, and removing out of date features. Additionally, all devices should be running the latest version of software. Considering removing software flaws (vulnerabilities), updating a system is beneficial against attackers. Simply, if a vulnerability is present within a system, an attacker will take advantage of such a weakness. If one system is compromised, connected to a network, the potential is severe to compromise other devices within a network. Mitigate the circumstances by updating a system’s operating system and software on a device.
Securing web browsers are just as important when compared to a system’s software version, for malicious software can be injected or denial of service (DoS) attacks can be issued through a web browser’s vulnerability. For everyone’s safety, don’t be the vulnerability in a network that can spread amongst other systems. Practice Cybersecurity by keeping all devices, software, and web browsers up to date.
Portable Media Disposal Locations
Portable media disposal locations are available in several University locations. Before placing an item in the bin, please refer to the University Asset Disposal Policy. ( Asset Disposal Policy)
Providence - Downcity:
- Campus Safety & Security
- John Hazen White Center - 5th flr, Room 551, Faculty Resource Room
- Student Services Center - 1st flr near main printer
- Xavier Academy Hall - Faculty Resource Center
Providence - Harborside:
- Harborside Academy Center - Faculty Resource Center
- The Friedman Center - Student Academic & Financial Services
Charlotte:
-
Academic Center - 3rd flr Printing & Mailing Services